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ABSTRACT 


We live in age of modern science. Computer Network is the best innovation of Modern science. A local area network (LAN) 
is a computer network within a small geographical area such as a home, school, computer laboratory, office building or 
group of buildings. A LAN is composed of inter-connected workstations and personal computers which are each capable of 
accessing and sharing data and devices, such as printers, scanners and data storage devices, anywhere on the LAN. LANs 
are characterized by higher communication and data transfer rates and the lack of any need for leased communication 
lines. A high-quality and correctly dimensioned network infrastructure is essential for all well- functional IT system. A 
Local Area Network based network can ensure high speed as well as high quality network. To fulfill the current 
requirements of AERE (Atomic Energy Research Establishment) considering its smooth operation of high speed internet 
service, LAN based network is the state-of-the-art network solution. A LAN network design refers to the specialized 
processes leading to a successful installation and operation of a network which includes determining the type of 
communication system(s) which will be carried over the network, the geographic layout, the transmission equipment 
required and the fiber network over which it will operate. The purpose of this Network is to design a Local Area Network 
(LAN) for AERE (Atomic Energy Research Establishment) and implement security measures to protect network resources 
and system services. To do so, I will deal with the physical and logical design of a LAN. The goal of this Network is to 
examine of the Local Area Network set up for AERE and build a secure LAN system. 
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INTRODUCTION 


A Computer Network is an arrangement that enables two or more computers to communicate (“talk’’) to each other, sharing 
resources, information and services [1]. Information is no. of use unless it is available at the time and place where it is 
required. This is especially true into day’s scenario where the competition is very tough. Networking of a computer is the 
best means to manage information. Very often we come across the phrase “This state has very good network roads” [2]. 
This is basically implying that it is possible to reach every nook and corner of the state fast, easily, and comfortably. Same 
analogy can be extended to networks of computers. Network of computers implies linking computers through some kind of 
a communication links. This does not mean simply connecting the computers through some wires, instead it also includes 
the software that makes this hardware work, and also ensures that the information between these computers is exchanged 


without any loss or distortion. In short, it encompasses the whole gamut of hardware and software component that make a 


computer network operate [3]. A local area network (LAN) is a collection of devices connected together in one physical 
location, such as a building, office, or home [4]. A LAN can be small or large, ranging from a home network with one user 
to an enterprise network with thousands of users and devices in an office or school. A local area network (LAN) is a group 
of computers and associated devices that share a common communications line or wireless link [5]. Usually, the server has 
applications and data storage that are shared in common by multiple computer users. A local area network may serve as 
few as two or three users (for example, in a home network) [6]. Networks are divided into two main categories: Local Area 
Networks (LANs) and Wide Area Networks (WANs). These two types of networks have different characteristics and 
different functionalities. In general, a LAN is a collection of computers and peripheral devices in a limited area such as a 
building or campus [7]. A LAN is usually under the domain of a single organization such as an institutional or department. 
The internet is, however, more than just a physical connection of LANs, internetworking protocols and standards are also 
needed. Network’s models serve to organize, unity, and control the hardware and software components of communication 
and networking. The Internet has revolutionized many aspects of our daily lives [8]. It has affected the way we do business 
as well as the way we spend our leisure time. Count the ways you have use the internet recently. Perhaps you have sent 
electronic mail (email) to a business associate, paid a utility bill, read a newspaper from a distant city, or looked up a local 
movie schedule all by using the internet or maybe you researched a medical topic, booked a hotel reservation, chatted with 
a fellow trekker or comparison shopped for a car. The internet is a communication system that has brought a wealth of 
information to our fingertips and organized it for out use [9] [10] [11]. The internet is a structured, organized system. 
Bangladesh Atomic Energy Commission is a scientific research organization and regulatory body of Bangladesh. Its main 
objective is to promote use of atomic energy for peaceful purposes. It was established on 27 February 1973. So it is 
important to Design, Deployment and Implementation of Local Area Network (LAN) at AERE (Atomic Energy Research 
Establishment). 


RESEARCH BACK GROUND 
Local Area Network 


Like any other data communication network, a local area network is composed of three basic hardware elements: a 
transmission medium, often twisted pair, coaxial cable, or fiber optics; a mechanism for control of transmission over the 
medium; and an interface to the network for the host computers or other devices-the nodes of the network-that are 
connected to the network. In addition, local area networks share with long-haul packet communication networks a fourth 
basic element: a set of software protocols, implemented in the host computers or other devices connected to the networks, 
which control the transmission of information from one host or device to another via the hardware elements of the network. 
These software protocols function at various levels, from low level packet transport protocols to high-level application 
protocols, and are an integral part of both local area networks and their close relatives, long-haul packet communication 
networks. This combined hardware-software approach to communication serves to distinguish networks, as discussed in 


this paper, from other arrangements of data communication hardware [12]. 
Optical Fiber 


An optical fiber is a flexible, transparent fiber made by drawing glass (silica) or plastic to a diameter slightly thicker than 
that of a human hair. Optical fibers are used most often as a means to transmit light between the two ends of the fiber and 


find wide usage in fiber-optic communications, where they permit transmission over longer distances and at higher 


bandwidths (data transfer rates) than electrical cables. Fibers are used instead of metal wires because signals travel along 
them with less loss; in addition, fibers are immune to electromagnetic interference, a problem from which metal wires 
suffer. Fibers are also used for illumination and imaging, and are often wrapped in bundles so they may be used to carry 
light into, or images out of confined spaces, as in the case of a fiberscope. Specially designed fibers are also used for a 


variety of other applications, some of them being fiber optic sensors and fiber lasers [13]. 
Atomic Energy Research Establishment (AERE) 


President Sheikh Mujibur Rahman ordered the establishment of an atomic research institute in 27 January 1973. Most of 
the research centers and educational institutions of Pakistan Atomic Energy Commission were in West Pakistan. After the 
Bangladesh Liberation war, Bangladesh only possessed were Atomic Energy Centre in Dhaka, Bangladesh Institute of 
Nuclear Agriculture and three nuclear medical centers [14]. Atomic Energy Research Establishment was established in 
1975 at Ganakbari, Savar Upazila, Dhaka District. It was placed under the administration of Bangladesh Atomic Energy 


Commission, which had been facing manpower shortages since the Independence of Bangladesh in 1971 [15]. 
Bangladesh Telecommunication Company Limited 


BTCL or Bangladesh Telecommunication Company Limited is the largest telecommunications company in Bangladesh. 
The company was founded as the Bangladesh Telegraph & Telephone Board (BTTB) Bangladesh's independence in 1971. 
On July 1, 2008 the BTTB became a public limited company and was renamed as BTCL [16]. 


Transmission Windows 


Optical fiber transmission uses wavelengths that are in the near-infrared portion of the spectrum, just above the visible, and 
thus undetectable to the unaided eye. Typical optical transmission wavelengths are 850 nm, 1310 nm, and 1550 nm. Both 
lasers and LEDs are used to transmit light through optical fiber. Lasers are usually used for 1310- or 1550-nm single-mode 


applications. LEDs are used for 850- or 1300-nm multimode applications [17]. 


Table 1: Fiber Optic Wavelength 











~ 800-900 nm 850 nm 
1250-1350 nm 1310 nm 
1500-1600 nm 1. nm 











METHODOLOGY 


Methodology is a system that how the process is gone. In my research paper, I have practically shown The Local Area 


Network with secure system. The following Block diagram is showing in my research paper methodology: 


Optical Fiber Cable from BTCL (ISP) 
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Optical Fiber Network Design & 
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Configuration of Firewall Machine 


Configuration of Router, Server & 
Manageable Switch 


Setup every work station or each User 


Figure 1: Block Diagram of Whole System Methodology. 
Optical Fiber and Local Area Network Design 
Next I consider actual component selection, placement, installation practices, testing, troubleshooting and network 


equipment installation and startup. Finally, I consider documentation, maintenance and planning for restoration in event of 


an outage. 





Figure 2: Local Area Network Design at AERE. 


My existing local area network (LAN) consists of computer network that interconnects computers situated in 
different buildings at AERE using network media. Inside LAN, our employees are offered a computer network design 
applying metallic structured cabling CAT6. This cabling enables data transfer up to 100 Mbps. The network backbone is 
then customized using optical links. I perform dimensioning of active elements, such as switches and routers, to ensure 
their margin was sufficient to meet our data throughput rate requirements. I provide 10 Mbps internet bandwidth from 
BTCL for high speed broadband internet services. I select Multi mode fiber (MF), four core cable for our network to cover 


all ICT services, such as voice, video, data, wireless access, security, surveillance and building automation. 
Optical Fiber Route Planning & Deployment from BTCL to AERE and LAN Setup 


In the next step, I start planning the route of optical fiber from ICS (Institute of Computer science) to CAD (Central 
administration Department) to determine exactly where the cable plant and hardware will be located having decided to use 
fiber optics and chosen equipment appropriate for the application. As every installation is unique, the actual placement of 
the cable plant is determined by the physical locations from ICS to CAD building along the route. The route distance is 500 
meter and I deploy the cable in the underground. Furthermore, as always premises and outside plant installations are 


different so I consider them separately. 
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Figure 3: Optical Fiber and Local Area Network Design & Deployment at AERE. 


Final planning for the deployment is a critical phase of any work as it involves coordinating activates of many 


people [18]. I develop a checklist based on the design path for smooth installation. 


NETWORK SECURITY 
Network Security Essential 


Network security has become more important to personal computer users, organizations, and the military. With the advent 
of the internet, security became a major concern and the history of security allows a better understanding of the emergence 
of security technology. The internet structure itself allowed for many security threats to occur. The architecture of the 
internet, when modified can reduce the possible attacks that can be sent across the network. Knowing the attack methods, 
allows for the appropriate security to emerge. Many businesses secure themselves from the internet by means of firewalls 
and encryption mechanisms. The businesses create an “intranet” to remain connected to the internet but secured from 
possible threats. The entire field of network security is vast and in an evolutionary stage. The range of study encompasses a 
brief history dating back to internet’s beginnings and the current development in network security. In order to understand 
the research being performed today, background knowledge of the internet, its vulnerabilities, attack methods through the 
internet, and security technology is important and therefore they are reviewed [19]. When developing a secure network, the 
following need to be considered: 1. Access— Authorized users are provided the means to communicate to and from a 
particular network 2. Confidentiality— Information in the network remains private 3. Authentication — Ensure the users of 
the network are who they say they are 4. Integrity — Ensure the message has not been modified in transit 5. 


Non-repudiation — Ensure the user does not refute that he used the network [20]. 
Security Services 


It is a processing or communication service that is provided by a system to give a specific kind of production to system 
resources. Security services implement security policies and are implemented by security mechanisms. Security Services 
are Confidentiality, Authentication, Peer Entity Authentication, Data Origin Authentication, Integrity, Connection Oriented 


Integrity [21]. 
Basic Technologies of Computer Network Security 


The basic technologies of computer network securities are Firewall technology, Data encryption technology, Intrusion 


detection technology, Anti-virus technology [22]. 


Types of Attacks 


4 Types of Attacks 1) Interception: Watches packets 2) Interruption: Steals or disturbs the data 3) Modification: Changes 


the data 4) Fabrication: Sends another message apart from original but having the same sender name [23]. 


Security Protocols 


a) Secure Socket Layer 


It is used in secure exchange of information between web browser and web server. It gives 2 security services. 1. 


Authentication 2. Confidentiality It has five layers: 





Application Layer 
Secure Socket Layer 








Transport Layer 
Internet Layer 
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Physical Layer 








Transport Layer uses HMAC 


SSL have 3 sub protocol. Handshake protocol— Connection Establishment. Record protocol —Actual message protocol. 


Alert Protocol - If client/ server detects error other party discloses the connection and the secret key is deleted. 


Computer Network Information Security Policy 


Set up a Firewall 


Firewalls are an important means to ensure network security, network management applications through the use of 
technology, packet filtering technology and agent technology, effectively control network access permissions, 


comprehensive data to external restrictions and discrimination [24]. 
Access Control 


Security policy and security model based on access control body set access permissions, such as to the identity of the user, 


password authentication, in order to gain the true identity of the user, to facilitate tracing network behavior [24]. 
Strengthening Intrusion Detection 


Network intrusion detection is a real-time network detection system can effectively compensate for the lack of firewalls 


and other protective means [24]. 
Information Encrypted 


Information technology is the key encryption technology to achieve information security, help strengthen security, through 
a particular encryption algorithm translated the important plaintext cipher text, so unauthorized users can not directly read 
the raw data, even if the data file is lost or stolen, as long as difficult to crack the key, so it will not lead to the leakage of 


confidential information, which greatly ensure information security [24]. 


Close some not Commonly used Services and Ports 


From the theory in terms of computer security, computer systems were more port system is also more secure. For using the 
computer in the process, especially when the operating system is installed in inadvertently will not have to install some 
service functions and ports, it will not only occupy a certain system information and also reduce the security of computer 
systems sex. In addition, in order to understand the use of the user interface can be installed port monitoring program. It 
can be determined by examining those ports are not commonly used. In addition, once a virus into a computer system, the 
monitoring program can automatically alarm, some of the function can automatically shut down the port, effectively 


prevent hacker intrusion [24]. 
IP Addresses are Correct Hidden PC 


IP address of the hacker and virus attacks must have a condition that is on the network and information attacks must have a 
real IP address to be a hacker to obtain the user's IP address mainly through the use of network technology to detect host 
information view, some of the traditional hackers and virus attacks, Flop overflow attacks and so must obtain address as 
preconditions. Therefore, the user should use a computer system when hiding your IP address, using a proxy server is the 
most common way to hide IP address, a hacker can only detect the proxy server IP address, but cannot get the user's real IP 
address You cannot find the real IP address will not be able to attack, effective maintenance of computer information and 


network security [24]. 
Authentication Technology 


Authentication should include at least verification protocol and license agreement. A variety of network applications and 
computer systems are needed to confirm the legality through authentication, and then determine its personal data and 
specific permissions. For authentication system, the legitimate user's identity is easy to be someone else pretending to be its 


most important technical indicators [24]. 
Timely Installation of Vulnerability Patch 


Vulnerability can be utilized during the attack weaknesses can be software, hardware, procedural shortcomings, functional 
design or improper configuration. University of Wisconsin Miller gives a research report on today's popular operating 


systems and applications, noting that the software cannot be without flaws and loopholes [24]. 
File Encryption and Digital Signature Technology 


File encryption and digital signature technology is to improve the security and confidentiality of information systems and 
data, one of the secrets to prevent external data theft, interception or destruction primary technologies. Depending on the 
role, file encryption and digital signature technology is mainly divided into data transmission, data storage, data integrity of 


the three kinds of discrimination [24]. 
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Figure 4: Usually the Digital Signing Process MD means Encryption Key. 


Data integrity identification technology is mainly involved in the transmission of information, access, processing 
of data related to the identity and to verify the contents, to confidentiality requirements, including general identification 
passwords, keys, identity, data items of the system by Comparative validation object input feature value meets the preset 


parameters, to achieve data security [24]. 
Security Services and Processes 


Security is fundamentally about protecting assets. Security is a path, not a destination. As we analyze our infrastructure and 
applications, we identify potential threats and understand that each threat presents a degree of risk. Security is about risk 
management and implementing effective countermeasures. Security services and processes depends on: Authentication, 


Authorization, Auditing, Confidentiality, Integrity [25]. 
Security in Linux Networks 


The Linux operating system is built with security features, as it provides the file access permission mechanism, which 


prevents the unauthorized users in gaining access to the files [26]. 


Firewalls 


A firewall is one of the most widely used solutions for the Internet world. All traffic inside to outside and vice versa, must 
pass through the firewall. Different types of firewalls have different types of rules and security policies. The authorized 
traffic will be sent based only on local policies. The firewall itself is protected, i.e.; it uses a trusted hardware and operating 


system [27]. 


CONFIGURATION 


Configuring Router 


I install the routers hardware properly before configuring and commissioning. I install all hardware properly to avoid 
damage. I Read all supplied manual properly before installing router. | Take a PC/Laptop with terminal emulator software 
(Hyper Terminal for windows mini com for Linux). The PC should have at least a standard communication port (Com-1) 
connect Router’s console to Pc’s communication port using console cable. I Turn on Pc’s and router power switch. 
Terminal will display router’s booting information. I have successfully booted router and configure using setup facility the 


router is now configured properly with initial configuration and ready to use. 
Configure Server 


Proxy Server satisfies web browser’s query by sending requested web page. Proxy does two main operations. First 
operation is to reduce internet bandwidth charges. And the second option is to limit web access to authorized user/PC. 
Users configure their web browser’s to use the proxy server instead of going to the internet directly. When a user sends any 
web request, proxy takes the request. Proxy is the only service, which heavily uses CPU, memory and storage 


simultaneously. I Installing Operating System and then configuration following: 
Operating System 


Buying operating system (OS) in Bangladesh is really a big headache. There are very few commercial operating systems. 
All commercial operating systems supports are not also available locally. So, I need to depend on foreign support we 
choose OS Centos-6.5 which includes squid with its entire options precompiled. Server OS should have a large amount of 
hardware support. Compare with My operating systems hardware compatibilities List (HCL), before choosing the OS. 
Installation Media; Install Linux operating system from any comfortable media like CD ROM, Hard disk including all 
network installation method. Installing OS; I have chosenCentos-6.5 Linux operating system. All other versions 


installation is almost same. I cover Centos-6.5 installation step by step. 
# Disk Partition Setup. 
# Boot loader configures. 
# Firewall configure manual. 
# Set root Password. 
# Package group selection automatically. 
# Escape boot diskette creation. 
# Video card configurations. 
# Configuring monitor. 
# Installation complete then reboot the system. 


Network configuration is Linux; I configure Linux server to enjoy networking features. Linux Networking 


Facility by default Linux support network, when I will install a system, Networking facility will be installed. Moreover, is 


a stalled system without a NIC card Networking will be available with to interface. IO helps to run all Network related 
services when other NIC is not available we can check/control network by “Network” service script nicely 


(/etc/rc,d/init.d/network). Use the following command connected to start/stop network Service. 


[root@ns1 root] # Service network stop. [root@ns1 root] # Service network start. [root@ns1 root] # Service 
network status. Determining IP address; now a day’s commonly all Pc’s come with a NIC, when Linux is installed this first 


device is called “eth0O” second one is “eth1” and so on. I can determine the IP address of these interfaces using “ifconfig” 
[root@snmp root] # if config. 


Assigning IP address using “if config”. We can assign an IP address on “ethO” interface using the” if config” 


command. This is the most common method. 
[root@snmp root] # if config ethO 10.0.0.100 net mask 255.255.255.0 up. 


The “up” at the end of the command activates the interface after assigning the IP. But this procedure is not 
permanent. When I will reboot the system the IP setting will be lost. To make this IP permanent, I need to change the script 
file for the particular interface. All files will be found in “/etc/sysconfig /network-scripts” directory. Now restart the 
“network” service to take effect. I need to restart the network service each time makes any type of change into these files. 
[root@nsl root] # service network restart use “ ifconfig” command to see the change. It will show the new IP setting. 
[root@snmp root] # if config. Assigning IP address using “netconfig”, we can also do it automatically using some 
graphical utility. “netgonfig” is a beautiful utility that we can use to edit those files automatically. It will offer to fill up 


essential fields. 


RESULTS 


My LAN networking at AERE smoothly installed. As a result of this LAN network, Atomic Energy Research 
Establishment (AERE) is getting a high speed internet service with Secure LAN System. 


FUTURE WORK 


In Future, I will extend my Local Area Network by adding Access Point (AP) and Wi-Fi devices. I will add more network 
devices to service the end user who are working at Atomic Energy Research Establishment. I will always update AERE 


LAN System to secure and protect any kind of attacks. 
CONCLUSIONS 


Today, optical fiber network is the smart network option for high-performance and it can provide cost-effective hybrid 
network architectures as well [28]. Furthermore, optical fiber networks are more energy-efficient and environmentally 
friendly [29]. In this work, I primarily focus on the unique aspects of optical fiber cable plant design and deployment and 
Local Area Network with Security system only. Our optical fiber network design and its deployment and LAN Secure 
Systems has been completed. As a result of this optical fiber network and Secure LAN System, Central Administration 
Division (CAD) of Atomic Energy Research Establishment (AERE) is getting a high speed internet service with Secure 
LAN System. 
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